Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/f0ca51-3619-425d-88c5-c50183ce42e3/1/o0MlnRQzXdVZYg6NzD5KYPtWxdo.roa
File: o0MlnRQzXdVZYg6NzD5KYPtWxdo.roa (raw, json)
Hash identifier: aKhdVRSHUUkNiaLifKBWg9hY1chSuujQ5E+2K9bLDgI=
Subject key identifier: A3:43:25:9D:14:33:5D:D5:59:62:0E:8D:CC:3E:4A:60:FB:56:C5:DA
Certificate issuer: /CN=246d5c913452997968c721cca0c3ce0847c5c7db
Certificate serial: 0185727A2DAEF1D610F402A146453A930415
Authority key identifier: 24:6D:5C:91:34:52:99:79:68:C7:21:CC:A0:C3:CE:08:47:C5:C7:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JG1ckTRSmXloxyHMoMPOCEfFx9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/f0ca51-3619-425d-88c5-c50183ce42e3/1/o0MlnRQzXdVZYg6NzD5KYPtWxdo.roa
Signing time: Mon 02 Jan 2023 12:34:47 +0000
ROA not before: Mon 02 Jan 2023 12:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 2a11:3c02::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:2d:ae:f1:d6:10:f4:02:a1:46:45:3a:93:04:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=246d5c913452997968c721cca0c3ce0847c5c7db
Validity
Not Before: Jan 2 12:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a343259d14335dd559620e8dcc3e4a60fb56c5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2f:f2:71:d3:7c:10:98:59:53:5a:af:40:11:
b0:e7:bc:13:70:c6:f2:35:ff:3b:1e:d2:bd:56:01:
b2:15:60:b5:0f:92:dd:2c:dc:ee:07:b7:5d:9a:2f:
2a:38:5a:7a:bc:f7:f7:8b:72:0a:90:35:b7:eb:ed:
11:fd:51:b2:52:39:27:42:ac:db:7b:2e:88:7a:a3:
cd:87:8d:f8:eb:19:eb:99:df:15:92:a9:f8:19:d9:
3a:17:03:8c:00:88:50:5e:e3:b5:1f:a2:cc:72:89:
ff:7c:d4:8d:db:41:56:0f:46:7c:76:0f:ad:6c:bb:
e1:43:5f:f7:cb:20:e0:5a:9b:df:00:79:09:3a:67:
56:3e:e5:b5:a1:2b:89:de:c3:d6:bd:4a:35:ea:96:
6e:e3:c9:e7:71:a5:ff:4c:6c:7b:1b:c0:ee:6a:3e:
ca:1e:67:96:c3:1c:f5:c6:cd:21:a1:6d:9c:c7:2b:
de:95:b5:10:8d:0d:0c:92:e8:4f:3a:4b:ca:ef:c6:
c1:a1:0f:45:ff:c4:81:2b:10:93:33:42:af:95:7f:
3d:10:76:8f:0f:ba:86:26:dc:9d:09:3f:d8:e2:bc:
fc:6c:03:fa:eb:3c:3a:0c:1c:66:de:0b:ab:83:85:
ac:ed:a9:b7:eb:89:74:cb:26:22:ef:6e:e0:e6:48:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:43:25:9D:14:33:5D:D5:59:62:0E:8D:CC:3E:4A:60:FB:56:C5:DA
X509v3 Authority Key Identifier:
keyid:24:6D:5C:91:34:52:99:79:68:C7:21:CC:A0:C3:CE:08:47:C5:C7:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JG1ckTRSmXloxyHMoMPOCEfFx9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/f0ca51-3619-425d-88c5-c50183ce42e3/1/o0MlnRQzXdVZYg6NzD5KYPtWxdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/f0ca51-3619-425d-88c5-c50183ce42e3/1/JG1ckTRSmXloxyHMoMPOCEfFx9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:3c02::/32
Signature Algorithm: sha256WithRSAEncryption
9a:2e:81:6f:70:9e:9e:1f:bc:90:f3:5f:91:14:d0:b4:c2:aa:
6e:56:ba:f0:cb:43:68:e2:83:70:6b:5d:81:51:a6:eb:76:74:
2e:2d:fe:5c:7d:d3:2b:3d:c7:96:a7:82:0e:85:6a:9d:d8:70:
03:f2:f3:e6:8f:d4:20:f1:da:d0:78:2a:df:17:27:dd:2f:2f:
cd:25:89:ae:e7:21:57:97:4f:14:62:db:29:6a:81:dc:17:4a:
fd:75:a9:ec:33:ac:f9:1b:ef:9b:0b:f7:e9:d8:89:9a:2c:59:
0a:0e:8c:36:f7:5f:fd:48:d3:e6:40:b8:f9:ce:86:48:d8:90:
57:9e:f1:a4:0f:b4:23:49:d2:7d:73:cb:21:a6:17:2a:4a:f9:
04:5a:ce:20:f9:81:bf:5e:27:72:37:95:ae:e9:5f:ad:17:06:
ca:5d:ca:69:c8:db:b7:69:f5:50:69:65:3f:3b:0a:1a:1e:f3:
11:f4:d4:a2:76:e1:d4:6f:3a:8d:61:e4:54:38:51:2c:a7:c9:
0f:4e:f8:37:6f:9e:80:e0:70:d9:25:2a:53:b8:36:0d:c1:94:
6e:ba:49:4f:2a:df:32:fe:27:6b:d9:ae:4b:a7:3c:c6:17:d4:
6b:41:e9:3d:39:d1:e3:25:61:af:62:83:fc:35:b2:f3:f3:de:
ca:ef:12:64
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVyei2u8dYQ9AKhRkU6kwQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NmQ1YzkxMzQ1Mjk5Nzk2OGM3MjFjY2EwYzNjZTA4NDdj
NWM3ZGIwHhcNMjMwMTAyMTIzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQzMjU5ZDE0MzM1ZGQ1NTk2MjBlOGRjYzNlNGE2MGZiNTZjNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiS/ycdN8EJhZU1qvQBGw57wTcMby
Nf87HtK9VgGyFWC1D5LdLNzuB7ddmi8qOFp6vPf3i3IKkDW36+0R/VGyUjknQqzb
ey6IeqPNh4346xnrmd8Vkqn4Gdk6FwOMAIhQXuO1H6LMcon/fNSN20FWD0Z8dg+t
bLvhQ1/3yyDgWpvfAHkJOmdWPuW1oSuJ3sPWvUo16pZu48nncaX/TGx7G8Duaj7K
HmeWwxz1xs0hoW2cxyvelbUQjQ0MkuhPOkvK78bBoQ9F/8SBKxCTM0KvlX89EHaP
D7qGJtydCT/Y4rz8bAP66zw6DBxm3gurg4Ws7am364l0yyYi727g5khIfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKNDJZ0UM13VWWIOjcw+SmD7VsXaMB8GA1UdIwQY
MBaAFCRtXJE0Upl5aMchzKDDzghHxcfbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkcxY2tUUlNtWGxveHlITW9NUE9DRWZGeDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9mMGNhNTEtMzYxOS00MjVkLTg4YzUt
YzUwMTgzY2U0MmUzLzEvbzBNbG5SUXpYZFZaWWc2TnpENUtZUHRXeGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9mMGNhNTEtMzYxOS00MjVkLTg4YzUtYzUwMTgzY2U0MmUz
LzEvSkcxY2tUUlNtWGxveHlITW9NUE9DRWZGeDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhE8AjAN
BgkqhkiG9w0BAQsFAAOCAQEAmi6Bb3Cenh+8kPNfkRTQtMKqbla68MtDaOKDcGtd
gVGm63Z0Li3+XH3TKz3HlqeCDoVqndhwA/Lz5o/UIPHa0Hgq3xcn3S8vzSWJruch
V5dPFGLbKWqB3BdK/XWp7DOs+Rvvmwv36diJmixZCg6MNvdf/UjT5kC4+c6GSNiQ
V57xpA+0I0nSfXPLIaYXKkr5BFrOIPmBv14ncjeVrulfrRcGyl3Kacjbt2n1UGll
PzsKGh7zEfTUonbh1G86jWHkVDhRLKfJD074N2+egOBw2SUqU7g2DcGUbrpJTyrf
Mv4na9muS6c8xhfUa0HpPTnR4yVhr2KD/DWy8/Peyu8SZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:49 2024 by rpki-client on console-ams.rpki-client.org